mirror of https://github.com/ConsenSys/mythril
blockchainethereumsmart-contractssoliditysecurityprogram-analysissecurity-analysissymbolic-execution
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Konrad Weiss
b18edc8d5d
|
7 years ago | |
---|---|---|
.circleci | 7 years ago | |
mythril | 7 years ago | |
solidity_examples | 7 years ago | |
static | 7 years ago | |
tests | 7 years ago | |
.coveragerc | 7 years ago | |
.editorconfig | 7 years ago | |
.gitattributes | 7 years ago | |
.gitignore | 7 years ago | |
Dockerfile | 7 years ago | |
LICENSE | 7 years ago | |
MANIFEST.in | 7 years ago | |
Pipfile | 7 years ago | |
Pipfile.lock | 7 years ago | |
README.md | 7 years ago | |
all_tests.sh | 7 years ago | |
annotationWrapper.py | 7 years ago | |
coverage_report.sh | 7 years ago | |
myth | 7 years ago | |
requirements.txt | 7 years ago | |
setup.py | 7 years ago | |
signatures.json | 7 years ago |
README.md
Mythril
Mythril is a security analysis tool for Ethereum smart contracts. It uses concolic analysis, taint analysis and control flow checking to detect a variety of security vulnerabilities. The analysis is based on laser-ethereum, a symbolic execution library for EVM bytecode.
Installation and setup
Build the Docker image:
$ git clone https://github.com/ConsenSys/mythril/
$ docker build mythril
Install from Pypi:
$ pip3 install mythril
See the Wiki for more detailed instructions.
Usage
Documentation has moved to the Wiki page.
Publications and Videos
- HITBSecConf 2018 - Smashing Ethereum smart contracts for fun and real profit
- HITBSecConf 2018 conference paper
- EDCon Toronto 2018 - Mythril: Find bugs and verify security properties in your contracts
Acknowledgements
-
JSON RPC library is adapted from ethjsonrpc (it doesn't seem to be maintained anymore, and I needed to make some changes to it).
-
The signature data in
signatures.json
was initially obtained from the Ethereum Function Signature Database. -
Many features, bugfixes and analysis modules have been added by contributors.